Access with SSH/rsync/BorgBackup

Last change on 2022-06-24 • Created on 2020-05-18

SSH / rsync / BorgBackup

The Storage Box provides an extended SSH service on port 23. With this service, can you use rsync, BorgBackup and some additional command line tools.

To create an SSH connection on your Storage Box, first activate the SSH support setting for your Storage Box via the Robot administration interface. After that, can you access it via command line:

ssh -p23 uXXXXX@uXXXXX.your-storagebox.de

It is possible to get interactive SSH access, but this access is limited. There is no full shell. For example, it is not possible to use pipes or redirects. It is also not possible to execute uploaded scripts.

You can also directly execute commands via SSH like this:

ssh -p23 uXXXXX@uXXXXX.your-storagebox.de mkdir new_directory

If you use a sub-account, then please use the username of the sub-account for the SSH connection.

For SSH key authentication, you must save a public SSH key in normal OpenSSH format on your Storage Box. Do not save the key in RFC4716 format. For a more detailed guide, please see Storage Box SSH Keys.

Only the directory /home/ is writable on the Storage Box. To address directories or files on the Storage Box, we therefore recommend that you use relative paths. For example, to download the file /server1/full_backup.tar.gz from the Storage Box, you can use the following file paths:

server1/full_backup.tar.gz
./server1/full_backup.tar.gz

BorgBackup

With BorgBackup, you can save encrypted and duplicate backups of your Storage Box. You can find a guide for how to do this at BorgBackup.

The Storage Boxes do use Borg 1.2 as default version. If you want to use an older version, you can do so by specifying the additional argument --remote-path=<borg-version>. For example:

borg init --encryption=repokey --remote-path=borg-1.1 ssh://uXXXXX@uXXXXX.your-storagebox.de:23/./borg-repository

Append Only Mode

It is possible to use Borg in an append only mode. This mode only allows the creation of new archives, but denies the deletion of old archives. You can find instructions for the configuration on the official BorgBackup documentation.

Note: A restricted client can still execute archive deletions. The archives will not directly be deleted, but marked as deleted. To delete the archives, you must execute a delete or execute a write operation from an unrestricted client. To restore an archive which is marked as deleted, please follow the BorgBackup documentation.

rsync

You can use rsync to upload the current state of your file directories to your Storage Box. For example, to upload a local directory to the Storage Box, you can use rsync as follows:

rsync --progress -e 'ssh -p23' --recursive <local_directory> <username>@<username>.your-storagebox.de:<target_directory>

To re-download a directory from the Storage Box, you only need to swap the directories:

rsync --progress -e 'ssh -p23' --recursive <username>@<username>.your-storagebox.de:<remote_directory> <local_directory>

It is not possible to customize the user and group ID of the uploaded files. We also do not recommend backing up your whole server like this. For such tasks, we recommend a backup tool like BorgBackup.

SCP

You can also use SCP via port 23. To upload a file via SCP, you can execute the following command:

scp -P 23 <local_file> <username>@<username>.your-storagebox.de:<remote_file>

To download the file again, you only have to swap the target and source files:

scp -P 23 <username>@<username>.your-storagebox.de:<remote_file> <local_file>

SFTP

Accessing your Storage Box via SFTP is similar to accessing it with an FTP client. To start an SFTP session, please execute the following command:

sftp -P 23 <username>@<username>.your-storagebox.de

You can then upload files using put and download them using get. With ls, you get a directory listing:

sftp> put 100MB.file
Uploading 100MB.file to /home/100MB.file
100MB.file                           100%  100MB  78.7MB/s   00:01
sftp> ls -ahl
drwxr-xr-x    0 12345      12345     16B  Mar 28 10:55 .
dr-x--x--x    0 0          0         10B  Mar 27 12:16 ..
-rw-r--r--    0 12345      12345     100M Mar 28 11:34 100MB.file
sftp> get 100MB.file
Fetching /home/100MB.file to 100MB.file
/home/100MB.file                     100%  100MB 110.6MB/s   00:00
sftp> quit

dd

You can use dd to up- or download data directly to/from the Storage Box. For example, you can execute the following to create an archive file using Linux and upload it directly to the Storage Box:

tar -cz <Source-Directory> | ssh -p23 uXXXXX@uXXXXX.your-storagebox.de "dd of=archive.tar.gz bs=4M"

To download this archive again and extract it execute this:

ssh -p23 uXXXXX@uXXXXX.your-storagebox.de "dd if=archive.tar.gz bs=4M" | tar -xz -C <Target-Directory>

Rclone

You can use the SFTP backend in Rclone to access the Storage Box. To configure Rclone run the command rclone config and follow the assistant.

Alternatively can you also manually configure it. A minimal configuration (default path ~/.config/rclone/rclone.conf) looks like the following:

[storagebox]
type = sftp
host = uXXXXX.your-storagebox.de
user = uXXXXX
port = 23
pass = <obscured-password>

To obscure the password execute the command rclone obscure <clear-text-password>.

Instead of the password in the pass variable can you also specify a SSH key with the configuration variable key_file = <path-to-private-key>.

You can then access the Storage Box like the following:

rclone ls storagebox:

Please check the Rclone documentation for more details.

Cpanel and JetBackup

You can find a guide for the configuration here.

SSH Host Keys

In order to ensure the authenticity of the connection, you can compare the host keys of the Storage Box with the keys below.

SHA256:XqONwb1S0zuj5A1CDxpOSuD2hnAArV1A3wKY7Z3sdgM (ED25519)
SHA256:EMlfI8GsRIfpVkoW1H2u0zYVpFGKkIMKHFZIRkf2ioI (RSA)
SHA256:RWkLouD9tfTwdboJOzjiWo5njZI59Hcta82ttAWxDA0 (DSA)
SHA256:oDHZqKXnoMtgvPBjjC57pcuFez28roaEuFcfwyg8O5c (ECDSA)

Available Commands

You can use the following commands on the Storage Box:

ls
cd
pwd
mkdir
rmdir
du
df
dd
cat
touch
cp
rm
mv
chmod
md5
sha1
sha256
sha512
md5sum
sha1sum
sha256sum
sha512sum
Table of Contents